From: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Date: Fri, 26 Apr 2024 23:09:29 +0000 (-0700)
Subject: ldap-conf-tls-cacertdir
X-Git-Tag: archive/raspbian/2.5.17+dfsg-1+rpi1^2~7
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=3b95d0062ff0fc5a8d21bbc15b3c312d93808c1b;p=openldap.git

ldap-conf-tls-cacertdir


Gbp-Pq: Name ldap-conf-tls-cacertdir
---

diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
index df357ab7..7a376764 100644
--- a/doc/man/man5/ldap.conf.5
+++ b/doc/man/man5/ldap.conf.5
@@ -407,13 +407,13 @@ would require TLS 1.1.
 Specifying a minimum that is higher than that supported by the
 OpenLDAP implementation will result in it requiring the
 highest level that it does support.
-This parameter is ignored with GnuTLS.
+This parameter is ignored with GnuTLS. On Debian openldap is linked against GnuTLS.
 .TP
 .B TLS_RANDFILE <filename>
 Specifies the file to obtain random bits from when /dev/[u]random is
 not available. Generally set to the name of the EGD/PRNGD socket.
 The environment variable RANDFILE can also be used to specify the filename.
-This parameter is ignored with GnuTLS.
+This parameter is ignored with GnuTLS. On Debian openldap is linked against GnuTLS.
 .TP
 .B TLS_REQCERT <level>
 Specifies what checks to perform on server certificates in a TLS session.
@@ -475,7 +475,7 @@ Specifies if the Certificate Revocation List (CRL) of the CA should be
 used to verify if the server certificates have not been revoked. This
 requires
 .B TLS_CACERTDIR
-parameter to be set. This parameter is ignored with GnuTLS.
+parameter to be set. This parameter is ignored with GnuTLS. On Debian openldap is linked against GnuTLS.
 .B <level>
 can be specified as one of the following keywords:
 .RS